update main.cf and defaults vars
This commit is contained in:
Ludovic Cartier
BIN
defaults/.main.yml.swp
Normal file
BIN
defaults/.main.yml.swp
Normal file
Binary file not shown.
@@ -1,64 +1,51 @@
|
|||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
|
||||||
|
myhostname = {% if postfix_hostname is defined %}{{ postfix_hostname }}{% else %}{{ ansible_hostname }}{% endif %}
|
||||||
|
|
||||||
compatibility_level= {{ postfix_compatibility_level }}
|
compatibility_level= {{ postfix_compatibility_level }}
|
||||||
|
|
||||||
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
|
|
||||||
|
|
||||||
# Debian specific: Specifying a file name will cause the first
|
|
||||||
# line of that file to be used as the name. The Debian default
|
|
||||||
# is /etc/mailname.
|
|
||||||
myorigin = /etc/mailname
|
myorigin = /etc/mailname
|
||||||
|
mydestination = $myhostname, localhost.$mydomain, localhost, {% if postfix_hostname is defined %}{{ postfix_hostname }}{% else %}{{ ansible_hostname }}{% endif %}
|
||||||
|
mynetworks_style = {{ postfix_mynetworks_style }}
|
||||||
|
mynetworks = {{ postfix_mynetworks | join(' ') }}
|
||||||
|
inet_interfaces = {{ postfix_inet_interfaces }}
|
||||||
|
inet_protocols = {{ postfix_inet_protocols }}
|
||||||
|
|
||||||
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
|
|
||||||
biff = no
|
biff = no
|
||||||
|
|
||||||
# appending .domain is the MUA's job.
|
|
||||||
append_dot_mydomain = no
|
append_dot_mydomain = no
|
||||||
|
append_at_myorigin = yes
|
||||||
# Uncomment the next line to generate "delayed mail" warnings
|
|
||||||
#delay_warning_time = 4h
|
|
||||||
|
|
||||||
readme_directory = no
|
readme_directory = no
|
||||||
|
|
||||||
# TLS parameters
|
|
||||||
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
|
|
||||||
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
|
||||||
smtpd_use_tls=yes
|
|
||||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
|
||||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
|
||||||
|
|
||||||
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
|
|
||||||
# information on enabling SSL in the smtp client.
|
|
||||||
|
|
||||||
myhostname = {% if postfix_hostname is defined %}{{ postfix_hostname }}{% else %}{{ ansible_hostname }}{% endif %}
|
|
||||||
|
|
||||||
alias_maps = hash:/etc/aliases
|
alias_maps = hash:/etc/aliases
|
||||||
alias_database = hash:/etc/aliases
|
alias_database = hash:/etc/aliases
|
||||||
mydestination = $myhostname, localhost.$mydomain, localhost, {% if postfix_hostname is defined %}{{ postfix_hostname }}{% else %}{{ ansible_hostname }}{% endif %}
|
|
||||||
|
|
||||||
mynetworks = {{ postfix_networks | default('127.0.0.0/8') }}
|
relayhost = {{ postfix_relayhost }}
|
||||||
mailbox_size_limit = 0
|
smtpd_relay_restrictions = {{ postfix_smtpd_relay_restrictions|join(' ') }}
|
||||||
recipient_delimiter = +
|
recipient_delimiter = {{ postfix_recipient_delimiter }}
|
||||||
inet_interfaces = {{ postfix_interfaces | default('all') }}
|
mailbox_size_limit = {{ postfix_mailbox_size_limit }}
|
||||||
inet_protocols = {{ postfix_protocols | default('all') }}
|
message_size_limit = {{ postfix_message_size_limit }}
|
||||||
#masquerade_domains = XXX
|
|
||||||
message_size_limit = 10000000
|
|
||||||
home_mailbox = /
|
|
||||||
mailbox_size_limit = 0
|
|
||||||
#mailbox_command = /usr/bin/procmail -f- -a $USER
|
|
||||||
|
|
||||||
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
{% if postfix_sasl_password_map is defined %}
|
||||||
|
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
||||||
|
smtp_sasl_auth_enable = yes
|
||||||
|
smtp_sasl_security_options = noanonymous
|
||||||
|
smtp_sasl_tls_security_options = noanonymous
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||||
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||||
|
smtp_tls_security_level = {{ postfix_smtp_tls_security_level }}
|
||||||
|
smtp_tls_ciphers = {{ postfix_smtp_tls_ciphers }}
|
||||||
|
smtp_tls_loglevel = {{ postfix_smtp_tls_loglevel }}
|
||||||
|
smtp_tls_protocols = {{ postfix_smtp_tls_protocols | join(', ') }}
|
||||||
|
smtp_tls_exclude_ciphers = {{ postfix_smtp_tls_exclude_ciphers | join(', ') }}
|
||||||
|
|
||||||
|
smtpd_use_tls=yes
|
||||||
|
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
|
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||||
|
|
||||||
{% if postfix_sender_relay is defined %}
|
{% if postfix_sender_relay is defined %}
|
||||||
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
|
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
|
||||||
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
|
||||||
smtp_sasl_security_options = noanonymous
|
|
||||||
smtp_sasl_tls_security_options = noanonymous
|
|
||||||
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
|
||||||
smtp_sasl_auth_enable = yes
|
|
||||||
smtp_tls_security_level = may
|
|
||||||
smtp_tls_ciphers = medium
|
|
||||||
smtp_tls_loglevel = 0
|
|
||||||
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1
|
|
||||||
smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL
|
|
||||||
smtp_sender_dependent_authentication = yes
|
smtp_sender_dependent_authentication = yes
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
Reference in New Issue
Block a user